Vulnerability List

CVE ID	Title	Vendor	Product	Severity	CVSS Score	Published At	AI Analysis
CVE-2024-9975	SourceCodester Drag and Drop Image Upload upload.php unrestricted upload	SourceCodester	Drag and Drop Image Upload	Medium	6.3	2024-10-15 11:00:07	Deep Dive
CVE-2024-9047	WordPress File Upload <= 4.24.11 - Unauthenticated Path Traversal to Arbitrary File Read and Deletion in wfu_file_downloader.php	nickboss	Iptanus File Upload	Critical	9.8	2024-10-12 06:51:12	Deep Dive
CVE-2024-9611	Increase upload file size & Maximum Execution Time limit <= 2.0 - Reflected Cross-Site Scripting	ttodua	Increase upload file size & Maximum Execution Time limit	Medium	6.1	2024-10-11 06:50:15	Deep Dive
CVE-2024-8538	Big File Uploads <= 2.1.2 - Authenticated (Author+) Full Path Disclosure	bww	Big File Uploads – Increase Maximum File Upload Size	Medium	4.3	2024-09-07 08:37:02	Deep Dive
CVE-2024-7301	WordPress File Upload <= 4.24.8 - Unauthenticated Stored Cross-Site Scripting via SVG File Upload	nickboss	Iptanus File Upload	High	7.2	2024-08-16 04:29:27	Deep Dive
CVE-2024-6494	WordPress File Upload < 4.24.8 - Unauthenticated Stored XSS	Unknown	WordPress File Upload	-	-	2024-08-07 06:00:06	Deep Dive
CVE-2024-6651	WordPress File Upload < 4.24.8 - Reflected XSS	Unknown	WordPress File Upload	-	-	2024-08-06 06:00:03	Deep Dive
CVE-2024-5852	WordPress File Upload <= 4.24.7 - Authenticated (Contributor+) Directory Traversal	nickboss	Iptanus File Upload	Medium	4.3	2024-07-16 08:32:30	Deep Dive
CVE-2024-35661	WordPress Upload Fields for WPForms plugin <= 1.0.2 - Broken Access Control vulnerability	SoftLab	Upload Fields for WPForms	Medium	5.3	2024-06-09 18:33:04	Deep Dive
CVE-2024-3717	Drag and Drop Multiple File Upload – Contact Form 7 <= 1.3.7.7 - Sensitive Information Exposure	glenwpcoder	Drag and Drop Multiple File Upload for Contact Form 7	Medium	5.3	2024-05-02 16:51:48	Deep Dive
CVE-2024-32546	WordPress Tax Rate Upload plugin <= 2.4.5 - Cross Site Scripting (XSS) vulnerability	Adam Bowen	Tax Rate Upload	High	7.1	2024-04-17 08:21:31	Deep Dive
CVE-2024-2847	WordPress File Upload <= 4.24.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode	nickboss	Iptanus File Upload	Medium	6.4	2024-04-09 18:59:10	Deep Dive
CVE-2024-31105	WordPress Tax Rate Upload plugin <= 2.4.5 - CSRF leading to Cross Site Scripting (XSS) vulnerability	Adam Bowen	Tax Rate Upload	High	7.1	2024-04-02 17:33:58	Deep Dive
CVE-2014-125110	wp-file-upload Plugin wfu_ajaxactions.php wfu_ajax_action_callback cross site scripting	-	wp-file-upload Plugin	Low	3.5	2024-03-31 23:31:05	Deep Dive
CVE-2024-2086	Integrate Google Drive <= 1.3.8 - Missing Authorization to Unauthenticated Settings Modification and Export	princeahmed	File Manager for Google Drive – Integrate Google Drive	Critical	10.0	2024-03-30 04:31:09	Deep Dive
CVE-2023-25965	WordPress Upload Resume plugin <= 1.2.0 - Sensitive Data Exposure vulnerability	mbbhatti	Upload Resume	Medium	5.9	2024-03-26 19:54:53	Deep Dive
CVE-2024-24887	WordPress Contest Gallery Plugin <= 21.2.8.4 is vulnerable to Cross Site Request Forgery (CSRF)	Contest Gallery	Photos and Files Contest Gallery – Contact Form, Upload Form, Social Share and Voting Plugin for WordPress	Medium	5.4	2024-02-12 08:43:27	Deep Dive
CVE-2023-51668	WordPress Inline Image Upload for BBPress Plugin <= 1.1.18 is vulnerable to Cross Site Request Forgery (CSRF)	WP Zone	Inline Image Upload for BBPress	Medium	4.3	2024-01-05 09:49:47	Deep Dive
CVE-2023-6551	Stored XSS in class.upload.php	class.upload.php	class.upload.php	-	-	2024-01-04 16:04:35	Deep Dive
CVE-2022-45377	WordPress Drag and Drop Multiple File Upload for WooCommerce Plugin <= 1.0.8 is vulnerable to Multiple Vulnerabilities	Glen Don L. Mongaya	Drag and Drop Multiple File Upload for WooCommerce	Medium	6.5	2023-12-21 13:06:33	Deep Dive

Goal Reached Thanks to every supporter — we hit 100%!

Vulnerability List